r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash a5daf4dc99951793ae2315d4795e8146
4427507ca4d3a5632cc8f598afbc85e2195d00bd
94fb64c1c826ed7099283c0bedb3cea7ac7e1d9526794cb9fad6e761f5989d32
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94FB64C1C826ED7099283C0BEDB3CEA7AC7E1D9526794CB9FAD6E761F5989D32"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6156
Expires: Wed, 30 Nov 2022 11:03:12 GMT
Date: Wed, 30 Nov 2022 09:20:36 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 9fce5679881bf302a8978a0b462f01a9
b699fe030ea13ac73813e655c42ed9b531925e2b
a3ec545a8f9364ac9062eddb41279e1465687a1b60f9c1dec6b3a3df8b033eb3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A3EC545A8F9364AC9062EDDB41279E1465687A1B60F9C1DEC6B3A3DF8B033EB3"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8425
Expires: Wed, 30 Nov 2022 11:41:01 GMT
Date: Wed, 30 Nov 2022 09:20:36 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 4ed065cb23b5fca1a179dd73b3c5b7b2
4422eb24688f5e056fc1b18b127c7f63b1dbf5e0
b723d770d0dec7441d8505dc5a4e7d34f55c9f564ec52f20d9b70c7c3a0d9d35
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4722
Cache-Control: max-age=95357
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 09:20:36 GMT
Etag: "6385df6f-1d7"
Expires: Thu, 01 Dec 2022 11:49:53 GMT
Last-Modified: Tue, 29 Nov 2022 10:31:11 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: ZhvjMXJ/+B6BbbPYGdEND99vtH2YU+YfTURjZYeuj3Ogb3LILg20n44XLiZL6KzHjFnZyrTCmXw=
x-amz-request-id: B95DPE6ZXT5D24VG
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 30 Nov 2022 08:45:10 GMT
age: 2126
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 30 Nov 2022 09:19:41 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 55
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 09:20:36 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
mail.cafsrl.com.ar/
200.80.42.216200 OK 11 kB IP 200.80.42.216:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 57fce38e47727c3c53529997709f51ab
d2fde36a147440a43f5a84cf8655457f473f7b3a
bf8785f6c1189f742626ba51a4a0a42bbd2d2c445de4ad9fec44771a81159698
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: mail.cafsrl.com.ar
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 09:23:20 GMT
Server: Apache
Last-Modified: Fri, 18 Nov 2022 12:15:52 GMT
Accept-Ranges: bytes
Content-Length: 11383
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 146dac10a93604a686550631e14eefb9
b4af601ce6d515d9ec124938ce626060e0d43099
bac5bc94c1a95af45522dadbf1639aff31e691fa2314314c6cce1ab1e70bba87
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 09:20:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 146dac10a93604a686550631e14eefb9
b4af601ce6d515d9ec124938ce626060e0d43099
bac5bc94c1a95af45522dadbf1639aff31e691fa2314314c6cce1ab1e70bba87
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 09:20:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css?family=Roboto:200,300,400,900,700,500,300
142.250.74.106200 OK 1.1 kB URL HTTP/2 fonts.googleapis.com/css?family=Roboto:200,300,400,900,700,500,300
IP 142.250.74.106:0
Hash 45bc8a27f7bab83ac7e6b9a5d97c2da4
365ccb747367a7c5d5c51953f831de52ec04de2c
c22e99d4830a41756701759a0766fc7f9e211c50a74878ffc94d104140de974c
GET /css?family=Roboto:200,300,400,900,700,500,300 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mail.cafsrl.com.ar/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 30 Nov 2022 09:20:36 GMT
date: Wed, 30 Nov 2022 09:20:36 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 146dac10a93604a686550631e14eefb9
b4af601ce6d515d9ec124938ce626060e0d43099
bac5bc94c1a95af45522dadbf1639aff31e691fa2314314c6cce1ab1e70bba87
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 09:20:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
mail.cafsrl.com.ar/css/justifiedGallery.min.css
200.80.42.216200 OK 3.2 kB URL HTTP/1.1 mail.cafsrl.com.ar/css/justifiedGallery.min.css
IP 200.80.42.216:0
Hash 410555e0d7fc98ca46f91a05ff752374
be62a6c1caf062db5702cc29917a244cc56acc39
9cdbbcaca407c81155be489818443758f06de7db9e82ca046a27fe9fdee4389c
GET /css/justifiedGallery.min.css HTTP/1.1
Host: mail.cafsrl.com.ar
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.cafsrl.com.ar/
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 09:23:20 GMT
Server: Apache
Last-Modified: Fri, 28 Oct 2022 18:16:24 GMT
Accept-Ranges: bytes
Content-Length: 3244
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 3c8c689bd654417640d85f3da51af313
85123b6d46230a23d03768bf304b386e5d301305
516138ca79703b45e904d32d7dde1c1e9fd35995b9f1bb1331c547542745676d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4721
Cache-Control: max-age=90292
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 09:20:37 GMT
Etag: "6385cba8-1d7"
Expires: Thu, 01 Dec 2022 10:25:29 GMT
Last-Modified: Tue, 29 Nov 2022 09:06:48 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
mail.cafsrl.com.ar/css/owl.carousel.css
200.80.42.216200 OK 1.5 kB URL HTTP/1.1 mail.cafsrl.com.ar/css/owl.carousel.css
IP 200.80.42.216:0
Hash 757cf36615b527f207de4be3056a1049
e5be231b45cf97a30ec19586cafcec6773cf9587
39420b13d05f3fe27a387a89877eb299fda3fc2e8a8e4194ad4c9e180082e01a
GET /css/owl.carousel.css HTTP/1.1
Host: mail.cafsrl.com.ar
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.cafsrl.com.ar/
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 09:23:20 GMT
Server: Apache
Last-Modified: Thu, 10 Nov 2022 14:36:31 GMT
Accept-Ranges: bytes
Content-Length: 1502
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
mail.cafsrl.com.ar/css/et-font.css
200.80.42.216200 OK 7.1 kB URL HTTP/1.1 mail.cafsrl.com.ar/css/et-font.css
IP 200.80.42.216:0
File type ASCII text, with very long lines (1512)
Hash 123c43438d443ce248c609e9d97608f3
97f68c67f0ce9d09469484a8b589348cfd1a42df
2816ad89d4005ecc57c7af1b51023f4f51c436270397a296740c46f371b7902c
GET /css/et-font.css HTTP/1.1
Host: mail.cafsrl.com.ar
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.cafsrl.com.ar/
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 09:23:20 GMT
Server: Apache
Last-Modified: Fri, 28 Oct 2022 18:16:24 GMT
Accept-Ranges: bytes
Content-Length: 7067
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
mail.cafsrl.com.ar/css/font-awesome.min.css
200.80.42.216200 OK 24 kB URL HTTP/1.1 mail.cafsrl.com.ar/css/font-awesome.min.css
IP 200.80.42.216:0
File type ASCII text, with very long lines (23577)
Hash 04425bbdc6243fc6e54bf8984fe50330
8c15c6bd82c71e9ef1bb11cf24e502fe07518ac5
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
GET /css/font-awesome.min.css HTTP/1.1
Host: mail.cafsrl.com.ar
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.cafsrl.com.ar/
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 09:23:20 GMT
Server: Apache
Last-Modified: Fri, 28 Oct 2022 18:16:24 GMT
Accept-Ranges: bytes
Content-Length: 23739
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
mail.cafsrl.com.ar/css/owl.theme.css
200.80.42.216200 OK 1.7 kB URL HTTP/1.1 mail.cafsrl.com.ar/css/owl.theme.css
IP 200.80.42.216:0
Hash f23cf727e4fcca9a5470658da5e755c9
98c420dadba613ae097236b8a54138d0a5fa94cf
91ee720f3c25ec6b209d88019c20e2592340ff1fe1c94f3d5431e5fd1e77e5dc
GET /css/owl.theme.css HTTP/1.1
Host: mail.cafsrl.com.ar
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.cafsrl.com.ar/
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 09:23:21 GMT
Server: Apache
Last-Modified: Fri, 28 Oct 2022 18:16:24 GMT
Accept-Ranges: bytes
Content-Length: 1665
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
mail.cafsrl.com.ar/css/magnific-popup.css
200.80.42.216200 OK 7.8 kB URL HTTP/1.1 mail.cafsrl.com.ar/css/magnific-popup.css
IP 200.80.42.216:0
Hash c70dbd97377e464a7072dae9f8732e3b
f387dcc908778095b11b10bfc01dff47ae1e8f67
648aacd32da86d341dec60d5ece0de2cfc7d578e981fad920af31a8ad8ab874c
GET /css/magnific-popup.css HTTP/1.1
Host: mail.cafsrl.com.ar
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.cafsrl.com.ar/
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 09:23:21 GMT
Server: Apache
Last-Modified: Fri, 28 Oct 2022 18:16:24 GMT
Accept-Ranges: bytes
Content-Length: 7806
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
mail.cafsrl.com.ar/css/bootstrap.min.css
200.80.42.216200 OK 124 kB URL HTTP/1.1 mail.cafsrl.com.ar/css/bootstrap.min.css
IP 200.80.42.216:0
File type ASCII text, with very long lines (65009)
Size 124 kB (123603 bytes)
Hash 8538cb6337ce41034219c748b4144a54
cd7f103e7a3f0cd5c6f0f8442bde259c11e6284c
27fa6190c28b2d272d8ef85b48bb11074e082c9bc1f367df47b09801b9e393c8
GET /css/bootstrap.min.css HTTP/1.1
Host: mail.cafsrl.com.ar
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.cafsrl.com.ar/
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 09:23:20 GMT
Server: Apache
Last-Modified: Fri, 28 Oct 2022 18:16:24 GMT
Accept-Ranges: bytes
Content-Length: 123603
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
mail.cafsrl.com.ar/css/style2.css
200.80.42.216200 OK 6.2 kB URL HTTP/1.1 mail.cafsrl.com.ar/css/style2.css
IP 200.80.42.216:0
File type troff or preprocessor input text\012- assembler source, ASCII text
Hash 7c6694a29a68518daa8143591c1b6ae4
b1432f13b0e661bce4489e730752e48bff91e6b1
de17eaef5c25b4e8bbefeab42b4d04423fa0bc0fef434e734a57dfc002a30746
GET /css/style2.css HTTP/1.1
Host: mail.cafsrl.com.ar
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.cafsrl.com.ar/
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 09:23:21 GMT
Server: Apache
Last-Modified: Tue, 08 Nov 2022 23:16:01 GMT
Accept-Ranges: bytes
Content-Length: 6166
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
push.services.mozilla.com/
35.161.148.163101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.161.148.163:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: NicJX1AIIBBJDeB8jMAuow==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: q8nLuh2YPZ9DOEakRxbJi5u5PGc=
mail.cafsrl.com.ar/js/modernizr-custom.js
200.80.42.216200 OK 4.7 kB URL HTTP/1.1 mail.cafsrl.com.ar/js/modernizr-custom.js
IP 200.80.42.216:0
File type ASCII text, with very long lines (4553)
Hash c1ce700eb52368789ce26ba0456da286
c809a9474592f71be9a9653ed85232ba3eaf7cb5
ce434f68348dd4ab6c785d9f8041d57f7b6c0041fde25ea6b94cb8564c4a8135
Analyzer Verdict Alert fortinet Phishing
GET /js/modernizr-custom.js HTTP/1.1
Host: mail.cafsrl.com.ar
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.cafsrl.com.ar/
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 09:23:21 GMT
Server: Apache
Last-Modified: Fri, 28 Oct 2022 18:16:26 GMT
Accept-Ranges: bytes
Content-Length: 4659
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
mail.cafsrl.com.ar/css/animate.css
200.80.42.216200 OK 69 kB URL HTTP/1.1 mail.cafsrl.com.ar/css/animate.css
IP 200.80.42.216:0
Hash 56848eb884e1ac347f711ae327419110
f30e0ef1cfb0e9f680c8cb4ccc9a632c2ab43f3e
0f3ffa7f0b928b893a75953b1b233b2bf8dc84f94851a6d24225a59d862c270b
GET /css/animate.css HTTP/1.1
Host: mail.cafsrl.com.ar
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.cafsrl.com.ar/
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 09:23:20 GMT
Server: Apache
Last-Modified: Fri, 28 Oct 2022 18:16:24 GMT
Accept-Ranges: bytes
Content-Length: 68796
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
mail.cafsrl.com.ar/css/main.css
200.80.42.216200 OK 50 kB URL HTTP/1.1 mail.cafsrl.com.ar/css/main.css
IP 200.80.42.216:0
Hash dbeb0aa1d2fda1b6e21e4d3a0d09e841
54656440ba40dcd3405c7b421b42d525b7c85e7f
5fdbbf8c65ca942766c54f4c4f988dbf1583cdb0b29891dc75229c102e174a34
GET /css/main.css HTTP/1.1
Host: mail.cafsrl.com.ar
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.cafsrl.com.ar/
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 09:23:21 GMT
Server: Apache
Last-Modified: Fri, 25 Nov 2022 18:49:56 GMT
Accept-Ranges: bytes
Content-Length: 50118
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 608e4d04a251ebcd51660e801f388303
fcb9aa48fd6ed504a1a9fed7990c5ccde63e6a1d
cc1a34cd0a99e301df97cf184ab0ded2e229659f86f43e4eff479dee221695dc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 09:20:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 608e4d04a251ebcd51660e801f388303
fcb9aa48fd6ed504a1a9fed7990c5ccde63e6a1d
cc1a34cd0a99e301df97cf184ab0ded2e229659f86f43e4eff479dee221695dc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 09:20:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.35200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://mail.cafsrl.com.ar
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 19:33:54 GMT
expires: Thu, 23 Nov 2023 19:33:54 GMT
cache-control: public, max-age=31536000
age: 568003
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
142.250.74.35200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://mail.cafsrl.com.ar
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 19:34:15 GMT
expires: Thu, 23 Nov 2023 19:34:15 GMT
cache-control: public, max-age=31536000
age: 567982
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
mail.cafsrl.com.ar/js/wow.min.js
200.80.42.216200 OK 8.2 kB URL HTTP/1.1 mail.cafsrl.com.ar/js/wow.min.js
IP 200.80.42.216:0
File type ASCII text, with very long lines (8152)
Hash a26a117ff59c944bbb654bf506f69786
237c90127c99e91347536835096276b0add6d018
cfa1739ee346d63a3d3cfdff8c18cbe8fdedbcb32d4b0895028c193ce828e7a5
Analyzer Verdict Alert fortinet Phishing
GET /js/wow.min.js HTTP/1.1
Host: mail.cafsrl.com.ar
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.cafsrl.com.ar/
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 09:23:21 GMT
Server: Apache
Last-Modified: Fri, 28 Oct 2022 18:16:26 GMT
Accept-Ranges: bytes
Content-Length: 8182
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 608e4d04a251ebcd51660e801f388303
fcb9aa48fd6ed504a1a9fed7990c5ccde63e6a1d
cc1a34cd0a99e301df97cf184ab0ded2e229659f86f43e4eff479dee221695dc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 09:20:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
mail.cafsrl.com.ar/js/jquery.justifiedGallery.min.js
200.80.42.216200 OK 17 kB URL HTTP/1.1 mail.cafsrl.com.ar/js/jquery.justifiedGallery.min.js
IP 200.80.42.216:0
File type ASCII text, with very long lines (16927)
Hash 55d77b5948957ff4e5469a25c6066d3f
7a1354ccab2fd3149356a20b0ba601c4a68fa3b0
6658eeefaf0ae8ac1a771fa317fc8767442a901f17bbf09bed8806b202eb62eb
Analyzer Verdict Alert fortinet Phishing
GET /js/jquery.justifiedGallery.min.js HTTP/1.1
Host: mail.cafsrl.com.ar
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.cafsrl.com.ar/
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 09:23:21 GMT
Server: Apache
Last-Modified: Fri, 28 Oct 2022 18:16:26 GMT
Accept-Ranges: bytes
Content-Length: 17086
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
mail.cafsrl.com.ar/js/bootstrap.min.js
200.80.42.216200 OK 36 kB URL HTTP/1.1 mail.cafsrl.com.ar/js/bootstrap.min.js
IP 200.80.42.216:0
File type ASCII text, with very long lines (32025)
Hash 8c237312864d2e4c4f03544cd4f9b195
253711c6d825de55a8360552573be950da180614
d5fd173d00d9733900834e0e1083de86b532e048b15c0420ba5c2db0623644b8
Analyzer Verdict Alert fortinet Phishing
GET /js/bootstrap.min.js HTTP/1.1
Host: mail.cafsrl.com.ar
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.cafsrl.com.ar/
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 09:23:21 GMT
Server: Apache
Last-Modified: Fri, 28 Oct 2022 18:16:26 GMT
Accept-Ranges: bytes
Content-Length: 35951
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
mail.cafsrl.com.ar/js/owl.carousel.js
200.80.42.216200 OK 53 kB URL HTTP/1.1 mail.cafsrl.com.ar/js/owl.carousel.js
IP 200.80.42.216:0
Hash a5f96c62d75be144282ef6cc429a6259
99a600283194105be6679b4a7cba8ac27a8c455a
9221608a4df26c3a67d553a85ea42269235ca69d2ff47419148853830d5cea2d
Analyzer Verdict Alert fortinet Phishing
GET /js/owl.carousel.js HTTP/1.1
Host: mail.cafsrl.com.ar
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.cafsrl.com.ar/
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 09:23:21 GMT
Server: Apache
Last-Modified: Fri, 28 Oct 2022 18:16:26 GMT
Accept-Ranges: bytes
Content-Length: 52797
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
mail.cafsrl.com.ar/js/jquery.magnific-popup.min.js
200.80.42.216200 OK 21 kB URL HTTP/1.1 mail.cafsrl.com.ar/js/jquery.magnific-popup.min.js
IP 200.80.42.216:0
File type ASCII text, with very long lines (21071)
Hash f7501bc9635986cd6e48f19c989276be
16ebd9b82ddc45699ed629d2e704ce65e0dacf5f
f58028704edd4cead02e8bf05f79d788dbae6ada0278c73ee88e28c2dfb7dde9
Analyzer Verdict Alert fortinet Phishing
GET /js/jquery.magnific-popup.min.js HTTP/1.1
Host: mail.cafsrl.com.ar
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.cafsrl.com.ar/
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 09:23:21 GMT
Server: Apache
Last-Modified: Fri, 28 Oct 2022 18:16:26 GMT
Accept-Ranges: bytes
Content-Length: 21200
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
mail.cafsrl.com.ar/js/vendor/jquery-1.11.1.min.js
200.80.42.216200 OK 96 kB URL HTTP/1.1 mail.cafsrl.com.ar/js/vendor/jquery-1.11.1.min.js
IP 200.80.42.216:0
File type ASCII text, with very long lines (32086)
Hash 8101d596b2b8fa35fe3a634ea342d7c3
d6c1f41972de07b09bfa63d2e50f9ab41ec372bd
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
Analyzer Verdict Alert fortinet Phishing
GET /js/vendor/jquery-1.11.1.min.js HTTP/1.1
Host: mail.cafsrl.com.ar
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.cafsrl.com.ar/
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 09:23:21 GMT
Server: Apache
Last-Modified: Fri, 28 Oct 2022 18:16:27 GMT
Accept-Ranges: bytes
Content-Length: 95786
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
mail.cafsrl.com.ar/js/main.js
200.80.42.216200 OK 1.7 kB URL HTTP/1.1 mail.cafsrl.com.ar/js/main.js
IP 200.80.42.216:0
Hash ce96a2f367bcd57f0b4ac1d6bea56143
2eebd089e2924c5580cb36c0e68951b800f10464
df74d98280a1c9e4256f8c1831bbaf1a2db33043f832f808d3dbf646102e9ef2
Analyzer Verdict Alert fortinet Phishing
GET /js/main.js HTTP/1.1
Host: mail.cafsrl.com.ar
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.cafsrl.com.ar/
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 09:23:22 GMT
Server: Apache
Last-Modified: Fri, 28 Oct 2022 18:16:26 GMT
Accept-Ranges: bytes
Content-Length: 1684
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
mail.cafsrl.com.ar/js/imagesloaded.pkgd.min.js
200.80.42.216200 OK 6.9 kB URL HTTP/1.1 mail.cafsrl.com.ar/js/imagesloaded.pkgd.min.js
IP 200.80.42.216:0
File type ASCII text, with very long lines (6832)
Hash 511ef2f6ee750edc32bb5c8d5d324e7e
4bccbca87d32236ed7a6f37129cc1accf20d2a8f
37dbf4b6012d4e23cbc1cba50baa3572c93a5c371b9873fb5440cb84dfbf9902
Analyzer Verdict Alert fortinet Phishing
GET /js/imagesloaded.pkgd.min.js HTTP/1.1
Host: mail.cafsrl.com.ar
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.cafsrl.com.ar/
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 09:23:22 GMT
Server: Apache
Last-Modified: Fri, 28 Oct 2022 18:16:26 GMT
Accept-Ranges: bytes
Content-Length: 6949
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
mail.cafsrl.com.ar/js/classie.js
200.80.42.216200 OK 2.0 kB URL HTTP/1.1 mail.cafsrl.com.ar/js/classie.js
IP 200.80.42.216:0
Hash 55e1109b3022c56ad23c5ba676055619
a940196e1ddfad80d753dd70484da942a3b2c2b4
9477ec4f89eb231b413a95b7438ababe1800c2cff84bb08283dedadf565731f1
Analyzer Verdict Alert fortinet Phishing
GET /js/classie.js HTTP/1.1
Host: mail.cafsrl.com.ar
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.cafsrl.com.ar/
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 09:23:22 GMT
Server: Apache
Last-Modified: Fri, 28 Oct 2022 18:16:26 GMT
Accept-Ranges: bytes
Content-Length: 1972
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
mail.cafsrl.com.ar/js/masonry.pkgd.min.js
200.80.42.216200 OK 29 kB URL HTTP/1.1 mail.cafsrl.com.ar/js/masonry.pkgd.min.js
IP 200.80.42.216:0
File type ASCII text, with very long lines (28817)
Hash c54e75edf5cbaf412bc16ba4145f6032
67638430c92c23cedb89db038627876d361135c0
733d7c26a5fb7240e83e8af2c822218b321b5143e28c2dd65ab2492297ac6bd7
Analyzer Verdict Alert fortinet Phishing
GET /js/masonry.pkgd.min.js HTTP/1.1
Host: mail.cafsrl.com.ar
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.cafsrl.com.ar/
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 09:23:22 GMT
Server: Apache
Last-Modified: Fri, 28 Oct 2022 18:16:26 GMT
Accept-Ranges: bytes
Content-Length: 28953
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
mail.cafsrl.com.ar/js/grid.js
200.80.42.216200 OK 12 kB URL HTTP/1.1 mail.cafsrl.com.ar/js/grid.js
IP 200.80.42.216:0
File type ASCII text, with very long lines (321)
Hash 57ccd1d5e089003db73f6ccecb992733
4a3451c1b0e444b14f29d0993681950fe9594d4d
3efc66ac85890f13fb37d5980afeed063d79c3c8e4e0a790c45c76086f083cf2
Analyzer Verdict Alert fortinet Phishing
GET /js/grid.js HTTP/1.1
Host: mail.cafsrl.com.ar
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.cafsrl.com.ar/
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 09:23:22 GMT
Server: Apache
Last-Modified: Fri, 28 Oct 2022 18:16:26 GMT
Accept-Ranges: bytes
Content-Length: 11676
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
mail.cafsrl.com.ar/img/caf-logo-blanco.png
200.80.42.216200 OK 11 kB URL HTTP/1.1 mail.cafsrl.com.ar/img/caf-logo-blanco.png
IP 200.80.42.216:0
File type PNG image data, 405 x 65, 8-bit/color RGBA, non-interlaced\012- data
Hash b4c003759b3fcdd31a9e08d021ed4c9f
856d401dcc7bf57fd94b86f8b8c2363b586e5a40
1a5f1481658b8ab3c20a9eadc66fb57d1269ccb6de2df0f8406c55eaf0537c45
GET /img/caf-logo-blanco.png HTTP/1.1
Host: mail.cafsrl.com.ar
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.cafsrl.com.ar/
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 09:23:22 GMT
Server: Apache
Last-Modified: Fri, 28 Oct 2022 18:16:25 GMT
Accept-Ranges: bytes
Content-Length: 10799
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/png
mail.cafsrl.com.ar/img/logo-ricoh.png
200.80.42.216200 OK 5.3 kB URL HTTP/1.1 mail.cafsrl.com.ar/img/logo-ricoh.png
IP 200.80.42.216:0
File type PNG image data, 217 x 39, 8-bit/color RGBA, non-interlaced\012- data
Hash d9da57c1ef9faf96a061e8660d6ce65c
d06c36282f983b23a7ca35f796617b9909934c54
3b2a95c352a31994067a87272c506f52496b5efee4cefb2c2acfaf50e07fb57c
GET /img/logo-ricoh.png HTTP/1.1
Host: mail.cafsrl.com.ar
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.cafsrl.com.ar/
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 09:23:22 GMT
Server: Apache
Last-Modified: Fri, 28 Oct 2022 18:16:25 GMT
Accept-Ranges: bytes
Content-Length: 5336
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png
mail.cafsrl.com.ar/img/bk-paralax.jpg
200.80.42.216200 OK 100 kB URL HTTP/1.1 mail.cafsrl.com.ar/img/bk-paralax.jpg
IP 200.80.42.216:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x372, components 3\012- data
Size 100 kB (100173 bytes)
Hash 5dec3f5fb5732ca2596c3b051c961411
d404cf7dd100bc37e642e423b2d3e8f7527f3e32
601f53f97cf8bde12d6f70815e768a9391887016d0caf28f9d69074861837a0f
GET /img/bk-paralax.jpg HTTP/1.1
Host: mail.cafsrl.com.ar
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.cafsrl.com.ar/css/main.css
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 09:23:21 GMT
Server: Apache
Last-Modified: Fri, 28 Oct 2022 18:16:25 GMT
Accept-Ranges: bytes
Content-Length: 100173
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/jpeg
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12110
Expires: Wed, 30 Nov 2022 12:42:28 GMT
Date: Wed, 30 Nov 2022 09:20:38 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12110
Expires: Wed, 30 Nov 2022 12:42:28 GMT
Date: Wed, 30 Nov 2022 09:20:38 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12110
Expires: Wed, 30 Nov 2022 12:42:28 GMT
Date: Wed, 30 Nov 2022 09:20:38 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12110
Expires: Wed, 30 Nov 2022 12:42:28 GMT
Date: Wed, 30 Nov 2022 09:20:38 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12110
Expires: Wed, 30 Nov 2022 12:42:28 GMT
Date: Wed, 30 Nov 2022 09:20:38 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F966ff24e-ea85-4a2e-aead-22f1a723c59f.jpeg
34.120.237.76200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F966ff24e-ea85-4a2e-aead-22f1a723c59f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5508d05a290b663fd89ead9b58f2efd8
53650399f9a986ba54addd668b4557109d12003b
65704a961410fdd318c491fedf002c8e9b184cd34b76fe1b67026d42ce21be3f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F966ff24e-ea85-4a2e-aead-22f1a723c59f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9674
x-amzn-requestid: 7e7d0183-9667-462a-8d44-d125998c1ae3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgEoHVAoAMFvAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a1d-280ba97e3fe1bf7244cbde35;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ym_L3s5E6MLy6BxqNkVxok6L6hA4c-ilSsEqt42j2IbiXYPb4c6-VQ==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:52:51 GMT
age: 41267
etag: "53650399f9a986ba54addd668b4557109d12003b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fde294fb7-e851-4e57-83be-aa3374862dcb.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fde294fb7-e851-4e57-83be-aa3374862dcb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9e135c29a8769eb12ef8c26f99097400
87447d20e9c0a6a6aeefe6ca107f93cd3598cd0d
ce41ff79c382efc54aa2fd3ab64293d2d2b706a7f21585f4bd8bbcd9a3566126
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fde294fb7-e851-4e57-83be-aa3374862dcb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7971
x-amzn-requestid: e47d10e4-2b60-4998-b5fa-5b145e60aac2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYhgWHgGoAMFcLA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867c68-5b9710a07b0a59730e73dce4;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:40:56 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: OURSF_raDXrHV3-3ScaEdorNpW9ZKSIQjv6WUCQYHhruGz372BU_QA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:58:15 GMT
age: 40943
etag: "87447d20e9c0a6a6aeefe6ca107f93cd3598cd0d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
34.120.237.76200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cc0a257323f882caff067adb86d906e4
cedf2f21be7cd366bd46055b62b5513db3011dfc
c16a9296d5e840a468fef7fb2764b9f7d4b3131d7ade2ce4999de1eead5469e0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4803
x-amzn-requestid: 80f7f1c8-0316-4181-83ac-2787b1ae825f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4iFHoIAMF2-g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-2c0a081b07e0785b4350c10c;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: CJiSRzIK7-rQE81gaP2We0LhgKX1YmuJKEGYEqW34Bm1KMx6NB8yhQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 22:35:09 GMT
age: 38729
etag: "cedf2f21be7cd366bd46055b62b5513db3011dfc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff2730750-552d-4852-8ce1-503874565f75.jpeg
34.120.237.76200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff2730750-552d-4852-8ce1-503874565f75.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 05196ec43964cf559caa0c0279148d62
6170d6776615503e3e29f86783febc3e3e78ca66
47f3a5cde661987e3496ce110a0170b10087dd9ba8d4fd691c4830587ba3fa3f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff2730750-552d-4852-8ce1-503874565f75.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9051
x-amzn-requestid: 1032dd9c-a15e-4e8a-9c81-07419e8caf67
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYhGvEMNIAMFaKw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867bc4-1005c20a33320dbf6567ca31;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:38:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: IMaVlQblNnh9mFKwb2LG7hw7h_f1_nVYqO4aEUqY01a2HofnnQqcFQ==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:49:31 GMT
age: 41467
etag: "6170d6776615503e3e29f86783febc3e3e78ca66"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29e8368b-e5a8-4256-a456-b724e13819e4.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29e8368b-e5a8-4256-a456-b724e13819e4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f621857774e4b4adda95f58081644859
639165dc66d171b8266f22cd495181427112bc80
341fd33d3d9486079c182d60e21c355244b6597e6e09ba51ecee2e331b38ca2e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29e8368b-e5a8-4256-a456-b724e13819e4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10068
x-amzn-requestid: 7f386e94-3c17-44a1-a36b-3d0eeff4623d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYhGvEQQoAMFihA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867bc4-5069acfd038ffb2c124b7bd8;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:38:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Bh6VQ3BLEXcZKHFyJxHVGQWVQm-w2s0786t8SQOcHQUaNvSFc1rg-A==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:52:51 GMT
etag: "639165dc66d171b8266f22cd495181427112bc80"
content-type: image/jpeg
age: 41267
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa4f88ec5-5875-45d1-bcd3-d997040d6d42.jpeg
34.120.237.76200 OK 3.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa4f88ec5-5875-45d1-bcd3-d997040d6d42.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ceb8e975fb408de32c43f55febaa6414
453067f6ab356aa87a3ad3b56e33545376597852
e0ecbb6052b4fef75f58da8dae589c81ab9ec9d304de08f26c144a2c3ce9eaac
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa4f88ec5-5875-45d1-bcd3-d997040d6d42.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3719
x-amzn-requestid: 6fab3454-fedd-4a1e-ae47-468ddd6233bc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgDaGQ4IAMFUkQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a15-4b313cf054d6301e71cdc0c1;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: phw8DXQgjOyH5g4gvbqgZk-2sHr2n9cHVr4lqqPXfXtyhG32gs2pIg==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:52:45 GMT
age: 41273
etag: "453067f6ab356aa87a3ad3b56e33545376597852"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
mail.cafsrl.com.ar/img/slide1-bg.jpg
200.80.42.216200 OK 89 kB URL HTTP/1.1 mail.cafsrl.com.ar/img/slide1-bg.jpg
IP 200.80.42.216:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x630, components 3\012- data
Hash 9d8bc534817e315586a82bc445ba50d3
727b7b826f4759a3a59b8f4c02d40ef8b6d113bf
db9fbdf638d90a1992f35f7c69f0fa62f6b5ec0d942a77ba5b56e1429b1f9267
GET /img/slide1-bg.jpg HTTP/1.1
Host: mail.cafsrl.com.ar
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.cafsrl.com.ar/css/main.css
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 09:23:22 GMT
Server: Apache
Last-Modified: Fri, 28 Oct 2022 18:16:25 GMT
Accept-Ranges: bytes
Content-Length: 88557
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/jpeg
mail.cafsrl.com.ar/img/banner-character.png
200.80.42.216200 OK 153 kB URL HTTP/1.1 mail.cafsrl.com.ar/img/banner-character.png
IP 200.80.42.216:0
File type PNG image data, 502 x 565, 8-bit/color RGBA, non-interlaced\012- data
Size 153 kB (152809 bytes)
Hash c5d3a0cc18a84cf925ed6ded8e3fcaf8
8525ad0b8ae5866db510a43650d252d011ada3ed
a62889ef3aa56aa547ba495d628e79901b43400049ed5c4221f1a53e66c45c8e
GET /img/banner-character.png HTTP/1.1
Host: mail.cafsrl.com.ar
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.cafsrl.com.ar/
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 09:23:22 GMT
Server: Apache
Last-Modified: Fri, 28 Oct 2022 18:16:25 GMT
Accept-Ranges: bytes
Content-Length: 152809
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/png
mail.cafsrl.com.ar/img/icons/
200.80.42.216404 Not Found 315 B URL HTTP/1.1 mail.cafsrl.com.ar/img/icons/
IP 200.80.42.216:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert fortinet Phishing
GET /img/icons/ HTTP/1.1
Host: mail.cafsrl.com.ar
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.cafsrl.com.ar/
HTTP/1.1 404 Not Found
Date: Wed, 30 Nov 2022 09:23:22 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
fonts.googleapis.com/css?family=Raleway:200,300,400,700,900,800
142.250.74.106200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Raleway:200,300,400,700,900,800
IP 142.250.74.106:0
GET /css?family=Raleway:200,300,400,700,900,800 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mail.cafsrl.com.ar/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 30 Nov 2022 09:20:36 GMT
date: Wed, 30 Nov 2022 09:20:36 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2